I have the responsive firewall on. This morning, i turned on RTP debug to diagnose an issue and had a at lot of activity from an unknown IP.
The FW shows one blocked IP, not the one the RTP log shows.
I would guess that you have SIP Guests and Allow Anon calls enabled in Asterisk SIP Settings, and you have the firewall misconfigured. Open Source Pro Tips #2 - Firewall Basics